Bug#1140120: libcrypt-dsa-perl: keep out of testing (eventually remove)
Dominic Hargreaves
dom at earth.li
Wed Jun 17 10:26:08 BST 2026
On Tue, Jun 16, 2026 at 05:48:42AM +0200, Salvatore Bonaccorso wrote:
> Source: libcrypt-dsa-perl
> Version: 1.20-1
> Severity: serious
> Justification: not suitable for stable release
> X-Debbugs-Cc: Dominic Hargreaves <dom at earth.li>, carnil at debian.org, team at security.debian.org
>
> Hi
>
> Cc'ing in particular Dominic if he wants to raise an objection.
>
> Crypt::DSA is deprecated and should actually not be used anymore, has
> security issues (which though got fixed so far).
>
> I propose to still keep libcrypt-dsa-perl out of testing and not to
> get included in forky. If Dominic agrees maybe even already remove it
> from unstable/testing. There are no issues with the removal itself:
>
> ,---- [ dak rm --suite=unstable -n -R libcrypt-dsa-perl ]
> | Will remove the following packages from unstable:
> |
> | libcrypt-dsa-perl | 1.21-1 | source, all
> |
> | Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
> |
> | ------------------- Reason -------------------
> |
> | ----------------------------------------------
> |
> | Checking reverse dependencies...
> | No dependency problem found.
> `----
>
> And there is low and sinking popcon usage:
> https://qa.debian.org/popcon.php?package=libcrypt-dsa-perl
No concerns on my side; despite being in the Uploaders list, I don't recall any particular use case.
Dominic
More information about the pkg-perl-maintainers
mailing list